Separate IAM roles for runner and OIDC

stigian / terraform-aws-archimedes

Terraform module to create compliant AWS resources for container-based applications.

Apache License 2.0

0 stars 0 forks source link

Separate IAM roles for runner and OIDC #6

Open lancehampton opened 1 month ago

lancehampton commented 1 month ago

During testing I used a single role for GitHub Actions to push to ECR, deploy the CodeBuild runner, and deploy the landing zone. Best practice would be to split the roles like:

ArchimedesPublish
ArchimedesRunner
ArchimedesDeploy